ARM’s embedded TLS library fixes man-in-the-middle fiddle

IoT security helper is vulnerable to attacks by malicious peers

ARM's "mbed TLS" software can be tricked into an authentication bypass and needs a patch.

Created by PolarSSL, which was acquired in February by ARM, mbed is a crypto library designed to make it easy for embedded system developers to add SSL/TLS capabilities to their products.

As well as client-server models (that is, an embedded IoT device talking to a server), mbed also lets peer devices set up TLS sessions between each other.

As explained in this advisory, there's a slip in the software's peer authentication, leading to an authentication bypass.

“If a malicious peer supplies an X.509 certificate chain that has more than MBEDTLS_X509_MAX_INTERMEDIATE_CA intermediates (which by default is 8), it could bypass authentication of the certificates, when the authentication mode was set to 'optional' eg. MBEDTLS_SSL_VERIFY_OPTIONAL. The issue could be triggered remotely by both the client and server sides.”

If exploited, an attacker could impersonate a device and act as a man-in-the-middle.

The bug is fixed in mbed TLS 1.3.21, mbed TLS 2.1.9 or mbed TLS 2.6.0; if developers or users can't upgrade, setting authentication to “required” instead of “optional” (setting the MBEDTLS_SSL_VERIFY_REQUIRED flag) will block the issue.

mbed TLS also ships as part of some Linux distributions, including Debian and Ubuntu. ®